From d5f71a15f33f71f296d4dc8fbe0c7d70770f90de Mon Sep 17 00:00:00 2001
From: Earl Warren <contact@earl-warren.org>
Date: Sun, 27 Apr 2025 12:40:00 +0000
Subject: [PATCH] [v7.0/forgejo] chore: rely on renovate for security checks
 (#7676)

There is no way to silence vulncheck when there is a non-relevant
security error (https://github.com/golang/go/issues/61211).

This is problematic when fixing such an error would require upgrading
a large amount of dependencies, for instance in the case of

https://github.com/ClickHouse/ch-go/security/advisories/GHSA-m454-3xv7-qj85

which is only ever relevant for testing and not production in the
context of Forgejo.

Now that renovate is used for stable branches, it can be used as an
alternative. It will propose relevant security updates by default and
it will also be possible to decline them if they do not matter.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7676
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 5496dddb09..05024d1f80 100644
--- a/Makefile
+++ b/Makefile
@@ -382,7 +382,7 @@ checks: checks-frontend checks-backend
 checks-frontend: lockfile-check svg-check
 
 .PHONY: checks-backend
-checks-backend: tidy-check swagger-check fmt-check swagger-validate security-check
+checks-backend: tidy-check swagger-check fmt-check swagger-validate
 
 .PHONY: lint
 lint: lint-frontend lint-backend lint-spell